
Sophos: "Apple Good Security Choice" Over Windows

I found this article interesting, nothing like a security-based company stating their own opinion on which OS is more secure.

From PC-Pro.com:

Sophos says Apple good security choice 2:39PM

Experts at UK security company Sophos suggest Apple might be the best route to security for the masses - that is, until consumers all buy one
UK security company's senior technology consultant Graham Cluley rolled out the damning virus statistics for 2005, showing that with a 48 per cent rise in new viruses, buying a Windows box has never been more risky.

This year saw nearly 16,000 new viruses added to the Sophos database. It's a recognition of the responsiveness and efficiency with which the virus underground operates, using a variety of techniques such as using different packaging algorithms, releasing multiple virus variants simultaneously and tweaking old versions to broaden the scope for successful infection.

Last month saw the biggest slew of new viruses on record, with some 1,940 new signatures added to the Sophos library. And with so much advice and code available online, it's never been easier to add to this list. 'It's kind of like open-source,' said Cluley of the ease with which it is possible to access and edit viral code off the Net. 'There is a problem with too much information being out there.'

And it's the ease with which viruses can now be written in conjunction with a generally homogenous computing environment that is the biggest hurdle for computer security.

Virus writers can now be far more opportunistic. The massive numbers of Windows computers hooked up to broadband connections are a big, big target. Whether it's spamming campaigns exploiting avian bird-flu hype, 419 and phishing scams on the London bombings or public proof of concept code for a software flaw, malware authors can initiate a campaign within hours.

Cluley is full of praise for Microsoft however - particularly for the success of Windows Service Pack 2. 'Microsoft should be applauded for improving its operating system, because it has made the Internet a safer place,' he said.

Plug an unprotected XP computer to the Internet and there's only a six per cent chance of avoiding infection within an hour. Add in SP2 and that figure plummets.

Yet that's clearly not the end of the story. And Microsoft itself is concerned over its own figures showing that barely 30 per cent of customers are running up to date antivirus software.

Cluley too thinks that much of the virus infections are within the consumer rather than business space, with millions of computers running out-of-date antivirus software, if they're running any security software at all.

So something has gone wrong. Two-thirds of Microsoft's own customers are not getting the message and shoring up the systems against the viral tide. No wonder it's bringing out its own OneCare antivirus solution for Windows users.

But perhaps they see it as Microsoft's job to provide a secure platform in the first place, and not their responsibility to dig into their wallets to patch up the bits Microsoft got wrong.

Cluley said that a recent survey it took on the Zotob worm revealed that 35 per cent of the businesses polled thought it was all Microsoft's fault.

But Cluley disagreed, on the basis that it's impossible to guarantee a perfect flawless system. It's the homogeneity that is the problem.

'If everyone used the same antivirus, then that's a disaster too,' he said.

In fact, he thinks Microsoft is now doing such a good job on the security front that attackers will increasingly turn to applications and tools such as Google's Desktop Search as the vector for the next wave of attacks.

'They'll be looking for the add-ons and plug-ins that are popular, and used by lots of people, to find holes in and exploit,' he said.

But there are other options. Plug an unprotected Apple or Linux box onto the Internet, and you can expect to see the infection rate flatline, said Cluley.

That's not to say there are no viruses for Mac OS X or the various Linux distributions, but Windows viruses dwarf them.

'It wouldn't really work for businesses,' said Cluley, 'But for consumers I think [Apple] is quite good.'

You can accuse it of security through obscurity, but in a world where 70 per cent of Windows users don't feel the responsibility of securing their computers, perhaps they are better off with a less targeted platform. Perhaps they don't deserve Windows.

No one expects to have to open the hood of a new car and make adjustments before it is to become roadworthy. Even intelligent users assume that the default install is the intended mode of operation. You shouldn't have to jump through hoops to make an OS reasonably safe. Windows fans keep saying that viruses attack Windows because of the installed base. They are whistling past the graveyard. Windows is more attacked because it is more vulnerable.

Actually, the discovery of multiple securities in Windows derives exactly from the fact that it is the largest in the marketplace. This is network economics at work. Windows is dissected most precisely because it is most accessible to dissection.

It is also insecure because it is intended to be user friendly and highly functional. Anyone who works for any length of time in security knows that security and usability are diametric opposites.

Both *nix and Mac OS benefit from negative network economics. Fewer use them and therefore fewer also abuse them. They are also less accessible to the non uber geek. Mac OS is anyway just *nix with a particularly shiny bonnet and a nice mascot figurine on top.

The 'blame Bill Gates for everything' is getting to be a tired and lame sounding theme in hacker land. Nothing succeeds like success but nobody disses failures to the marketplace either - like who goes around saying 'Betamax - now there was a lame idea!'. Fame has the price of defamation.

BTW all those shiny new viruses - they're just repeats of last year's ideas. Nobody has come up with the new big bad yet. They're just taking advantage of poor patching policy to prolong the half life of current viral families.

I completely agree with tenzenryu, lol I was actually in the process of writing about the same subject when I saw someone beat me to it.

Actually, the discovery of multiple securities in Windows derives exactly from the fact that it is the largest in the marketplace. This is network economics at work. Windows is dissected most precisely because it is most accessible to dissection.

If we all used Apple and they dominated the market, then the majority of the worms/viruses would be tearing through those OS's. I'm no expert, but that's my $0.02 on the matter...not to mention I've been reading through the forums for a while now...and this is my first post :P

Windows is dissected most precisely because it is most accessible to dissection.

It is not the most accessible. That prize should go to Linux, being open source. Windows is just an easier target. I don't think its popularity explains the vulnerability. It's more the other way around. Yeah, it aims at ease of use, but Mac is famous for ease of use, but that doesn't make it easier to exploit. Anyway, it's a weak argument, claiming that it's only attacked because of its popularity.

Let's try an experiment: ban Windows from the internet and see what the statistics do over both short and long term. If the other systems suffer from the same amount of malware I will admit you were right. Either way, we will be rid of Microsoft, and that will be a good thing.

A PC bought by the average user is a white good, that is, the same to them as a dishwasher or a TV: "Settings and fixes are for geeks and the PC should just work out of the box - end of story".

A new Mac is closer to that goal in that just to switch on the machine and use it initially you won't be logged in with administrator privileges. Do that with a Windows PC, just run with the defaults, and you'll be set up as admin.

The market dominance of Windows makes it the primary target for people looking for vulnerabilities. But the vulnerabilities have to exist and be exploitable before the cracker can have his/her wicked way.

Out the box Windows is open to exploitation and needs to be closed down to make it more robust.
Out the box a Mac is less open (and also less of a target).

Microsoft released 2003 server with a more locked down setup by default; I'd be surprised if Vista wasn't released in a similar way.

Microsoft will never openly admit error for the loose configuration of past versions, but I agree, they will probably tighten it up in the future, just like car companies that never admit that a feature was unsafe, but, sure enough, remove or redesign it for the next model year.

I stand by the assertion that there has to be some qualitative difference in the security of the Mac, not that it's just a smaller market share. Why does that fact offend people so much?

I think the main point I was making was that I was tired of people dissing Microsoft. It's old is what I am saying. I also think my argument about network economics stands. While you can't achieve security through obscurity, security because of obscurity does happen. It is a mirage. It's not real. And MS security is as someone else pointed out quite good, just underutilised.

Should computers be secure out of the box? Well, I think part of the problem is thinking of computers as white goods. They aren't and probably won't be for quite a while. There will come a point when the number of services that the Joe Sixpacks and their Kiddies require from a computer reach a 'level' and the requirement to install additional software will tend towards zero. At that point, Microsoft will have established the 'white goods' niche that it has probably always been aiming at.

A short time after the security of these machines will mature and Windows (or whatever they call it by that stage) will be as secure as it can be. It will not be wholly secure, anymore than a washing machine is always guaranteed to work, but it will have reached an acceptable level of security and usability that will satisfy the ordinary user.

The risks currently associated with these machines will then transfer to specialist machines, the ones that still offer openness and flexibility in the way they can be used. At that point, look out *nix inter alii.

The risks will also transfer to new technologies especially in the communications arena. I foresee the return of the uberphreaker. I virtually swear it.

Read it for yourself, the relevant part (for this thread) is the last paragraph.

Of course the downside of all this is that it will require home users, who have probably just worked out how to install software using default settings, to configure the whole setup properly.

I really don't think MS have got it. This is possibly a wider problem of the people who create the software being too close to the problem (can't see the wood for the trees). The programmers see any configuration as trivial just because it is second nature to them. They don't seem to comprehend just how intimidating making even simple changes is to a great many users.

It's like asking drivers to manually adjust their suspension/engine etc every time they travel on a different type of road.

<edit> Just a coincidence but this article is talking about some of the issues

It's just I am really getting tired of people who declare themselves l33t because a) they dis MS and b) they can spell l33t - get a life!

I don't think MS have got it wrong - they just haven't got it right yet! They are clearly taking on board the feedback and they are doing something about it. They have certainly got to the point where MS is a really bad platform to try and hack (sorry, I mean pen test) from. They haven't yet got to the point where it is a really bad platform to try and hack into but imo they are definitely aiming for and will eventually achieve commodity usability and commodity security. They are buying out too many people who really know what they are doing to do otherwise.